Time and Time Again: Twitter Users Fall for Same Old Scam

Below:

Next story in Security

Judging by the latest Twitter scam promising to tell you how many
hours you've spent logged in to the social networking site, the
old aphorism rings true: there is a sucker born every minute.

Similar to the " Time
on Tweeter " scam that hit the site recently, this week's
variation on the theme comes in the form of an app called
TimeChecker2.6. Included as a link in a posted message, the
third-party app can take control of your account and propagate
itself by sending out tweets to all your contacts with an
enticing offer such as, "I have spent: 23.8 hours on Twitter! See
how much you have."

Graham Cluley from the security firm
Sophos tested the malicious TimeChecker app, which uses
trending topics to increase its visibility, and found that it
tweeted the spam message more than a dozen times in less than 30
seconds.

TimeChecker even asks users to type in their email addresses, a
mistake that could give the scammers the credentials they need to
further compromise your
online identity.

Users can disable TimeChecker and other rogue third-party apps by
revoking the app's rights under Twitter's Settings/Connections
tab.

Security experts urge Twitter and Facebook users to never accept
unsolicited offers and to be cautious about clicking on links,
even ones sent by friends. And for the record, there is no app
that can tell you how long you've spent on Twitter or Facebook.
So next time you see this scam — and there will be a next time —
ignore it.